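<?php
// This file must be saved without a UTF-8 byte-order mark. Any byte emitted
// before session_start() or setcookie() makes PHP report "headers already
// sent" (unless output buffering is on), and the session and remember-me
// cookies are then not issued.
// Keep the session cookie out of reach of page scripts.
ini_set("session.cookie_httponly", "1");
session_start();
?>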
<?php
include("siteName.php");
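// Page state consumed by the template further down.
$msg = "";      // status text shown to the visitor (alert box and error paragraph)
$redirect = ""; // page the browser is sent to by checkMsg(); empty means stay here
$email = "";    // value used to pre-fill the e-mail field

// The remember-me cookie is client-controlled input. It is only ever written
// after the address passed FILTER_VALIDATE_EMAIL, so anything that is not a
// string or does not validate as an e-mail address is ignored rather than
// being carried into the page.
if (isset($_COOKIE["bzShoppingEmail"]) && is_string($_COOKIE["bzShoppingEmail"])) {
    $rememberedEmail = filter_var($_COOKIE["bzShoppingEmail"], FILTER_VALIDATE_EMAIL);
    if ($rememberedEmail !== false) {
        $email = $rememberedEmail;
    }
}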
require("dbInc.php");
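if (isset($_POST["btnLogin"])) {
    // Login handler: looks up the account for the submitted e-mail address,
    // compares the submitted password with the stored one and, on success,
    // sets the remember-me cookie, records the login time, fills the session
    // and chooses the page to redirect to.

    // A request can carry txtEmail[]=... and turn a field into an array, so
    // only plain strings are accepted before any check runs.
    $loginEmail = (isset($_POST["txtEmail"]) && is_string($_POST["txtEmail"])) ? $_POST["txtEmail"] : "";
    $loginPassword = (isset($_POST["txtPassword"]) && is_string($_POST["txtPassword"])) ? $_POST["txtPassword"] : "";

    if (filter_var($loginEmail, FILTER_VALIDATE_EMAIL)) {
        $mysqliObj = new mysqli($dbHost, $dbUser, $dbPass, $dbDB);
        if ($mysqliObj->connect_errno) {
            $msg = "Login is currently unavailable - please try again later";
        } else {
            // The e-mail address is bound as a parameter instead of being
            // spliced into the statement text. $tableUsers is not defined in
            // this file (presumably dbInc.php) and must stay a trusted
            // configuration value, because identifiers cannot be bound.
            $stmt = $mysqliObj->prepare(sprintf("select id, vPassword, vFirstName, vLastName, vLastLogin from %s where vEmail = ?", $tableUsers));
            if ($stmt && $stmt->bind_param("s", $loginEmail) && $stmt->execute() && $stmt->store_result()) {
                if ($stmt->num_rows > 0) {
                    $stmt->bind_result($userId, $storedPassword, $firstName, $lastName, $previousLogin);
                    $stmt->fetch();

                    // NOTE(review): the stored value is compared directly with the
                    // submitted text, so passwords are kept in recoverable form.
                    // Moving to password_hash()/password_verify() also needs the
                    // registration, change-password and reminder code to change.
                    //
                    // hash_equals() replaces the loose == comparison: with == two
                    // different numeric-looking strings (for example "1e3" and
                    // "1000") compare equal, and a NULL stored password equals an
                    // empty submission. An empty password is refused outright.
                    if ($loginPassword !== "" && hash_equals((string) $storedPassword, $loginPassword)) {
                        // Issue a fresh session id at the privilege change so an id
                        // planted before authentication is worthless afterwards.
                        session_regenerate_id(true);

                        // Remember-me cookie, seven days. HttpOnly keeps it away from
                        // page scripts; Secure is set whenever the request is HTTPS.
                        $isHttps = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off";
                        setcookie("bzShoppingEmail", $loginEmail, time() + 604800, "", "", $isHttps, true);

                        $accountId = $userId;
                        $loginStamp = date("Y/m/d H:i");
                        $upd = $mysqliObj->prepare(sprintf("update %s set vLastLogin = ? where id = ?", $tableUsers));
                        if ($upd) {
                            $upd->bind_param("si", $loginStamp, $accountId);
                            $upd->execute();
                            $upd->close();
                        }

                        // Kept as a string, the type the previous text-protocol query
                        // returned, so other pages reading the session see no change.
                        $_SESSION["id"] = (string) $accountId;
                        $_SESSION["uName"] = trim($firstName . " " . $lastName);

                        // An empty vLastLogin marks a first login and forces a
                        // password change.
                        if (strlen(strval($previousLogin)) > 0) {
                            $msg = "Logged in - you will be redirected back to entry page";
                            $redirect = "index.php";
                        } else {
                            $msg = "Logged in - since this is your first login, you will be redirected to change password page";
                            $redirect = "changePassword.php";
                        }//end of checking for lastLogin
                    } else {
                        // NOTE(review): this message and the one below differ, which
                        // tells a visitor whether an address is registered. A single
                        // shared failure message, plus attempt throttling, would close
                        // that gap.
                        $msg = "Invalid password";
                    }//end of checking password match
                } else {
                    $msg = "That e-mail address does not appear to be registered on this site as such";
                }//end of checking num_rows
            } else {
                // A failed lookup is reported generically; SQL text and driver
                // errors are never shown to the visitor.
                $msg = "Login is currently unavailable - please try again later";
            }
            if ($stmt) {
                $stmt->close();
            }
            $mysqliObj->close();
        }
    } else {
        // Same wording as the forgot-password handler uses for a malformed address.
        $msg = "You need to enter a valid e-mail address";
    }//end of checking if real email address entered
}//end of checking if login button pressed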
include("sendMail.php");
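if (isset($_POST["btnForgot"])) {
    // Forgot-password handler: looks up the account for the submitted e-mail
    // address and mails a reminder through sendMail() (from sendMail.php).
    //
    // NOTE(review): the reminder contains the stored password itself, so
    // passwords are kept in recoverable form and travel through e-mail. A
    // single-use, expiring reset link together with password_hash() storage
    // removes both exposures, but needs schema and page changes outside this
    // file. The two outcome messages below also reveal whether an address is
    // registered; one neutral message for both cases would avoid that.

    // Accept a plain string only; a txtEmail[]=... submission yields an array.
    $reminderEmail = (isset($_POST["txtEmail"]) && is_string($_POST["txtEmail"])) ? $_POST["txtEmail"] : "";

    if (filter_var($reminderEmail, FILTER_VALIDATE_EMAIL)) {
        $mysqliObj = new mysqli($dbHost, $dbUser, $dbPass, $dbDB);
        if ($mysqliObj->connect_errno) {
            $msg = "Password reminders are currently unavailable - please try again later";
        } else {
            // The address is bound as a parameter. $tableUsers is not defined in
            // this file and must stay a trusted configuration value.
            $stmt = $mysqliObj->prepare(sprintf("select vPassword, vTitle, vFirstName, vLastName from %s where vEmail = ?", $tableUsers));
            if ($stmt && $stmt->bind_param("s", $reminderEmail) && $stmt->execute() && $stmt->store_result()) {
                if ($stmt->num_rows > 0) {
                    $stmt->bind_result($rowPassword, $rowTitle, $rowFirstName, $rowLastName);
                    $stmt->fetch();

                    $to = $reminderEmail;
                    // The body is HTML, so every account-supplied value is encoded
                    // before it is placed in the markup. The title previously came
                    // from the undefined variable $_row and was always empty.
                    $htmlFlags = ENT_QUOTES | ENT_SUBSTITUTE;
                    $toHtml = htmlspecialchars($to, $htmlFlags, "UTF-8");
                    $eTitle = htmlspecialchars((string) $rowTitle, $htmlFlags, "UTF-8");
                    $eFName = htmlspecialchars((string) $rowFirstName, $htmlFlags, "UTF-8");
                    $eLName = htmlspecialchars((string) $rowLastName, $htmlFlags, "UTF-8");
                    $ePassword = htmlspecialchars((string) $rowPassword, $htmlFlags, "UTF-8");

                    // $siteName and $siteAddress are site configuration values and
                    // are used as they are.
                    $subject = $siteName . " password reminder";
                    $body = "<h3>" . $siteName . " password reminder</h3>\n<p>Hullo there, " . $eTitle . " " . $eFName . " " . $eLName . ".<br /><br />\nThe password for this e-mail address (" . $toHtml . "), on the " . $siteName . " website:-<br />\n";
                    $body .= "<a href='" . $siteAddress . "' target='_blank'>" . $siteAddress . "</a> is the following.<br /><br />\n";
                    $body .= "Password:<br />\n" . $ePassword . "<br />\n";
                    sendMail($to, $body, $subject);
                    $msg = "A password reminder e-mail has been sent to your e-mail address";
                } else {
                    $msg = "That e-mail address has not been used to register on this site";
                }//end of checking num_rows
            } else {
                // Lookup failures are reported generically, without driver details.
                $msg = "Password reminders are currently unavailable - please try again later";
            }
            if ($stmt) {
                $stmt->close();
            }
            $mysqliObj->close();
        }
    } else {
        $msg = "You need to enter a valid e-mail address";
    }//end of checking if valid email address
}//end of checking if forgot password button pressed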
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title><?php /* Page title: the configured site name followed by " login". */ echo "{$siteName} login"; ?></title>
<link type="text/css" rel="stylesheet" href="styles.css" />
<?php
include("includefunctions.inc");
?>
<script type="text/javascript" language="javascript">
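function checkMsg() {
    // Runs on page load: shows the server-side status message, if any, and then
    // follows the server-chosen redirect, if any.
    // Both values are written with json_encode() and the JSON_HEX_* flags, so
    // they arrive as complete, escaped JavaScript string literals. A quote, a
    // line break or "</script>" inside the text can then neither break the
    // script nor end the string early.
    var msg = <?php echo json_encode((string) $msg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
    var redir = <?php echo json_encode((string) $redirect, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
    if (msg.length > 0) {
        alert(msg);
    }
    if (redir.length > 0) {
        document.location = redir;
    }
}//end of checkMsg function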
</script>
</head>
<body onload="checkMsg();">
<iframe name="logoFrame" id="logoFrame" src="logo.htm" border="0" height="120" align="top" frameborder="0" marginheight="0" width="100%" scrolling="no">
<a href="http://www.blindza.co.za/" target="_blank">
<img src="logo/blindza_logo_smaller46.jpg" alt="blindZA.co.za logo - white text on black background, with white border - and red braille version hovering in front of normal text" width="317" height="103" border="0" />
</a>
</iframe>
<a href="index.php">Back to entry page</a>
<h2><?php /* Page heading: the configured site name followed by " login". */ echo "{$siteName} login"; ?></h2>
<?php
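// Show the status message, if there is one, above the form.
if (strlen($msg) > 0) {
    // Encode for the HTML body so the text is always rendered as text, whatever
    // ends up in $msg.
    echo "<p class='error'>" . htmlspecialchars($msg, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") . "</p>";
}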
?>
<form action="login.php" method="post" enctype="multipart/form-data">
<table align="center" border="0">
<tr>
<th align="center" colspan="2">
If you have not yet registered, you can go here to <a href="register.php">register</a>, or else, fill out information below, and if you&#039;ve forgotten your password, you can use the <b>forgot password</b> button below as well.
</th>
</tr>
<tr>
<th align="right">E-mail address</th>
<td>
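<input type="text" name="txtEmail" value="<?php /* $email originates from the bzShoppingEmail cookie, which the client controls: encode it for the attribute context and ignore non-string values. */ echo is_string($email) ? htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") : ""; ?>" />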
</td>
</tr>
<tr>
<th align="right">Password</th>
<td>
<input type="password" name="txtPassword" />
</td>
</tr>
<tr>
<th align="center" colspan="2">
<input type="submit" name="btnLogin" value="Login" /><br />
<input type="submit" name="btnForgot" value="Forgot password" />
</th>
</tr>
</table>
</form>
</body>
</html>
